Hi, I do not know if I really should be included in the reviewers count, as I am a participant in the coman work since it started, and my name shows up on the list of authors, although in all sincerity most of the credits go to Mehmet, who hold the pen for most of the time, including this latest wound which split the original document into two separate documents - one for use cases, the other for problem statement and requirements. Anyway, FWIW I obviously believe this work is useful and I support doing it in the OPSAWG. I have a few comments recorded below:
draft-ersue-opsawg-coman-use-cases 1. I do not believe that we can get away with a zero-content security considerations section. The described use cases mention the need to secure information collected by constrained devices, some other (like security cameras) carry information related to personal or public security that needs to be protected by robust mechanisms. These kind of threats need to be mentioned IMO. draft-ersue-opsawg-coman-probstate-reqs 1. The draft uses the 'adjective' small device in association with constrained device in a few place. I suggest to remove this. There is no automatic association of a device being small implying that it is also constrained. Nor are all constrained devices small in size. 2. We have made an effort in the last few versions and especially in this one to distinguish between the constrained devices and constrained networks, but the clean-up on this issue is not complete. For example section 1.6 still has text about constrained networks - this section and other in which constrained networks are mentioned should be carefully examined to make sure that the focus of the document stays with constrained devices, and that if constrained networks are mentioned at all this is in the context of their relationship with the constrained devices. 3. I do not believe that we can get away with a zero-content security considerations section here either. The document even says: If specific requirements for security will be identified, they will be described in future versions of this document. This is not accurate - section 3.6 already speaks about requirments for security and access control, and section 1.6 mentions limitations that would prevent the implementation of strong scryptographic algorythms. The text needs to be reviewed and revised from this perspective. Regards, Dan > -----Original Message----- > From: OPSAWG [mailto:[email protected]] On Behalf Of Warren Kumari > Sent: Wednesday, December 04, 2013 6:49 PM > To: [email protected] > Subject: [OPSAWG] Call for reviewers of draft-ersue-opsawg-coman-* > > Hi all, > > Hopefully you all had a good Thanksgiving -- if you are in the US, > hopefully you had good turkey, stuffing / whatever. > If you are not US based, hopefully you enjoyed the decrease in email > volume while everyone recovered form eating too much. :-) > > One of the action items from Vancouver was for us to call for reviewers > for: > http://datatracker.ietf.org/doc/draft-ersue-opsawg-coman-probstate-reqs/ > and > http://datatracker.ietf.org/doc/draft-ersue-opsawg-coman-use-cases/ > > So, can we get some volunteers please? According to our new guidelines > we require sufficient reviewers before adopting new work. > > The documents are (IMO) interesting and easy to read. Constrained > devices have some interesting requirements and limitations. > If you would like a quick reminder / refresher from the meeting, slides > are here: http://tools.ietf.org/agenda/88/slides/slides-88-opsawg-11.pdf > > Juergen Schoenwaelder <[email protected]> indicated > that one of his Ph.D. students had read the draft a couple of weeks ago. > So they just have to review the changes to the latest version. > > > W > -- > "I think it would be a good idea." > - Mahatma Ghandi, when asked what he thought of Western civilization > > > > _______________________________________________ > OPSAWG mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/opsawg _______________________________________________ OPSAWG mailing list [email protected] https://www.ietf.org/mailman/listinfo/opsawg
